package com.tuo51.manager.controller;


import com.tuo51.foudation.constant.CommonConstant;
import com.tuo51.foudation.exception.BusinessException;
import com.tuo51.foudation.model.ErrorCode;
import com.tuo51.foudation.model.MemVerificationCache;
import com.tuo51.foudation.model.StatusResponse;
import com.tuo51.manager.domain.SysUser;
import com.tuo51.manager.service.SysUserService;
import com.tuo51.manager.vo.SysUserVO;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.Map;

import static com.tuo51.foudation.constant.RedisConstant.STAFF_KEY;
import static com.tuo51.foudation.constant.RedisConstant.USER_KEY;
import static com.tuo51.foudation.constant.RequestConstant.TICKET;
import static org.springframework.web.bind.annotation.RequestMethod.GET;
import static org.springframework.web.bind.annotation.RequestMethod.POST;

@RestController
@RequestMapping("/mapi/auth")
@Api(value = "/mapi/auth", tags = "OP - 鉴权")
public class MAPIAuthController {

    @Autowired
    MemVerificationCache cache;

    @Autowired
    SysUserService sysUserService;

    @RequestMapping(value = "/login", method = POST)
    @ApiOperation("系统报告数量 0.全部，1.生效")
    public StatusResponse login(HttpServletRequest req,
                                @RequestHeader(value = TICKET, required = false) String ticket,
                                String username, String password){

        String sessionTicket = (String) req.getSession().getAttribute(TICKET);
        if (StringUtils.isEmpty(ticket) && StringUtils.isNotEmpty(sessionTicket)){
            ticket = sessionTicket;
        }

        if (StringUtils.isNotEmpty(ticket)) {
            String userId = cache.getStaffId(ticket);

            SysUser user = sysUserService.get(userId);

            SysUserVO ret = SysUserVO.of(user);
            ret.setPassword(null);
            return StatusResponse.success(ret);
        }

        if (StringUtils.isAnyEmpty(username, password)){
            throw new BusinessException(ErrorCode.STAFF_NOT_EXIST, "账号或密码不能为空");
        }

        SysUser sysUser = sysUserService.findByLoginName(username);
        String checker = sysUser.getPassword();

        if (checker.equals(password)){
            sysUser.setPassword(null);

            int platform = CommonConstant.Platform.OP.codeOf();

            ticket = cache.produceTicket(sysUser.getId(), platform);

            Map ret = new HashMap();
            ret.put(TICKET, ticket);
            ret.put(STAFF_KEY, username);
            ret.put(USER_KEY, SysUserVO.of(sysUser));

            return StatusResponse.success(ret);
        }

        return StatusResponse.error(ErrorCode.STAFF_NOT_EXIST, "账号或密码错误");

    }

    @RequestMapping(value = "/auth_status", method = GET)
    public StatusResponse authStatus(@RequestHeader(value = TICKET) String ticket){
        String userId = cache.getStaffId(ticket);

        SysUser user = sysUserService.get(userId);

        SysUserVO ret = SysUserVO.of(user);
        ret.setPassword(null);

        return StatusResponse.success(ret);
    }
}
